I have a web application that I have created that uses the basic asp.net authentication. The authentication systems are working fine code-wise, however I cannot get IIS7 to send the cookies to IE web browsers.

When I browse to my site in Chrome or Firefox, everything works great and I can see the cookies in the headers. However, when I try to login under IE, the login succeeds but no cookies are sent in the HTTP headers.

I have no idea how to debug this issue any further. IE is set to accept all cookies, but IIS does not appear to be serving any cookies to the browser. If I am on the webserver itself and I browse to http://localhost/ everything works fine, but if I use the dns name for the webserver I get no cookies as well.

If I configure the application's web.config to use URL based authentication when IIS detects it can't use cookies, IIS somehow sees that it cannot get cookies and then uses URL based authentication.

As of right now to me it seems like IIS is the issue since I have cookies fully enabled in my IE and it still doesn't work. Furthermore, the same web application works on my local IIS server in IE with cookies functioning perfectly, even when external users use my dns name. However, I don't know where to go from here.

1 Answer
1

Finally figured out the answer. It turns out if the domain has an underscore in it, Internet Explorer tells the web server to never send cookies. Taking out the underscore in the computer's name fixed the issue.